https://cert-portal.siemens.com/productcert/html/ssa-398330.html
https://cert-portal.siemens.com/productcert/html/ssa-879734.html
https://cert-portal.siemens.com/productcert/html/ssa-625862.html
https://cert-portal.siemens.com/productcert/html/ssa-794697.html
https://cert-portal.siemens.com/productcert/html/ssa-203374.html
https://cert-portal.siemens.com/productcert/html/ssa-264815.html
https://www.openssl.org/news/secadv/20230207.txt
https://www.cisa.gov/news-events/ics-advisories/icsa-23-075-04
https://www.cisa.gov/news-events/ics-advisories/icsa-24-165-10
https://www.cisa.gov/news-events/ics-advisories/icsa-24-165-11
Severity: High
ID: 501841
Version: 1.4
Type: remote
Family: Tenable.ot
Published: 12/19/2023
Updated: 9/4/2024
Supported Sensors: Tenable OT Security
Risk Factor: Medium
Score: 6.0
Risk Factor: High
Base Score: 7.1
Temporal Score: 5.3
Vector: CVSS2#AV:N/AC:H/Au:N/C:C/I:N/A:C
CVSS Score Source: CVE-2023-0286
Risk Factor: High
Base Score: 7.4
Temporal Score: 6.4
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H
Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C
CPE: cpe:/o:siemens:scalance_w1750d_firmware, cpe:/o:siemens:siplus_et_200sp_cp_1543sp-1_isec_firmware, cpe:/o:siemens:simatic_drive_controller_cpu_1504d_tf_firmware:3.0.3, cpe:/o:siemens:simatic_s7-1500_firmware:2.9.7, cpe:/o:siemens:simatic_drive_controller_cpu_1504d_tf_firmware:2.9.7, cpe:/o:siemens:simatic_s7-1200_firmware:-, cpe:/o:siemens:siplus_et_200sp_cp_1543sp-1_isec_tx_rail_firmware, cpe:/o:siemens:simatic_et_200sp_open_controller_cpu_1515sp_pc2_firmware:21.9.7, cpe:/o:siemens:simatic_et_200sp_open_controller_cpu_1515sp_pc2_firmware:30.0.0, cpe:/o:siemens:scalance_xm408-4c_firmware, cpe:/o:siemens:scalance_xr526-8c_firmware, cpe:/o:siemens:simatic_et200sp_firmware:2.9.7, cpe:/o:siemens:scalance_xr552-12m_firmware, cpe:/o:siemens:siplus_et_200sp_cp_1542sp-1_irc_tx_rail_firmware, cpe:/o:siemens:simatic_s7-1500_tm_mfp, cpe:/o:siemens:scalance_xr528-6m_firmware, cpe:/o:siemens:simatic_s7-1500_firmware:3.0.3, cpe:/o:siemens:simatic_drive_controller_cpu_1507d_tf_firmware:3.0.3, cpe:/o:siemens:scalance_xm416-4c_firmware, cpe:/o:siemens:simatic_s7-1500_firmware:3.1.0, cpe:/o:siemens:scalance_xr524-8c_firmware, cpe:/o:siemens:simatic_cp_1542sp-1_firmware, cpe:/o:siemens:simatic_drive_controller_cpu_1507d_tf_firmware:2.9.7, cpe:/o:siemens:simatic_et200pro_firmware:2.9.7, cpe:/o:siemens:scalance_xm408-8c_firmware, cpe:/o:siemens:simatic_cp_1543sp-1_firmware, cpe:/o:siemens:simatic_cp_1542sp-1_irc_firmware, cpe:/o:siemens:simatic_s7-1500_firmware:-
Required KB Items: Tenable.ot/Siemens
Exploit Ease: No known exploits are available
Vulnerability Publication Date: 3/14/2023
CVE: CVE-2023-0286
CWE: 20
ICSA: 23-075-04, 24-165-10, 24-165-11